"Bandit": Bandit,
"NATTACK": NATTACK,
"Sign_SGD": Sign_SGD,
"ZOO": ZOO,
"Liu": OPT_attack_sign_SGD_v2,
"Evolutionary": Evolutionary
}
net.cuda()
net.eval()
model = net
amodel = PytorchModel(model, bounds=[0,1], num_classes=10)
if args.attack=="Bandit":
attack = attack_list[args.attack](amodel,args.exploration,args.fd_eta,args.online_lr,args.mode)
else:
attack = attack_list[args.attack](amodel)
total_r_count = 0
total_clean_count = 0
#logs = torch.zeros(1000,2)
for i, (xi,yi) in enumerate(test_loader):
print(f"image batch: {i}")
if i==args.test_batch:
"FGSM": FGSM,
"NES": NES,
"Bandit": Bandit,
"NATTACK": NATTACK,
"Sign_SGD": Sign_SGD,
"ZOO": ZOO,
"Liu": OPT_attack_sign_SGD_v2,
"Evolutionary": Evolutionary
}
net.cuda()
net.eval()
model = net
amodel = PytorchModel(model, bounds=[0, 1], num_classes=10)
if args.attack == "Bandit":
attack = attack_list[args.attack](amodel, args.exploration, args.fd_eta,
args.online_lr, args.mode)
else:
attack = attack_list[args.attack](amodel)
total_r_count = 0
total_clean_count = 0
#logs = torch.zeros(1000,2)
for i, (xi, yi) in enumerate(test_loader):
print(f"image batch: {i}")
if i == args.test_batch:
#continue
def attack(algorithm,
dataset,
targeted,
norm='l2',
num=50,
stopping_criteria=None,
query_limit=40000,
start_from=0,
gpu=0):
os.environ["CUDA_VISIBLE_DEVICES"] = str(gpu)
print("Attacking:".format(num))
print(" Number of samples - {0}".format(num))
print(" Dataset - {0}".format(dataset.upper()))
print(" Targeted - {0}".format(targeted))
print(" Norm - {0}".format(norm))
print(" Query Limit - {0}".format(query_limit))
print(" GPU - {0}".format(gpu))
print()
if stopping_criteria is not None:
print(" Stopping criteria - {0}".format(stopping_criteria))
if start_from > 0:
print(" Start from {0}".format(start_from))
if dataset == 'mnist':
net = MNIST()
net.cuda()
net = torch.nn.DataParallel(net, device_ids=[0])
load_model(net, 'mnist_gpu.pt')
train_loader, test_loader, train_dataset, test_dataset = load_mnist_data(
)
elif dataset == 'cifar':
net = CIFAR10()
net.cuda()
net = torch.nn.DataParallel(net, device_ids=[0])
load_model(net, 'cifar10_gpu.pt')
train_loader, test_loader, train_dataset, test_dataset = load_cifar10_data(
)
elif dataset == 'imagenet':
net = models.__dict__["resnet50"](pretrained=True)
net.cuda()
net = torch.nn.DataParallel(net, device_ids=[0])
train_loader, test_loader, train_dataset, test_dataset = load_imagenet_data(
)
else:
print("Invalid dataset")
return
net.eval()
model = net.module if torch.cuda.is_available() else net
amodel = PytorchModel(model, bounds=[0, 1], num_classes=10)
attack_type = None
if algorithm == 'opt':
if norm == 'l2':
attack_type = OPT_attack
elif norm == 'linf':
attack_type = OPT_attack_lf
elif algorithm == 'sign_sgd':
if norm == 'l2':
attack_type = OPT_attack_sign_SGD
elif norm == 'linf':
attack_type = OPT_attack_sign_SGD_lf
else:
print("Invalid algorithm")
if attack_type is None:
print("Invalid norm")
if targeted:
attack = attack_type(amodel, train_dataset=train_dataset)
else:
attack = attack_type(amodel)
np.random.seed(0)
seeds = np.random.randint(10000, size=[2 * num])
count = 0
for i, (xi, yi) in enumerate(test_loader):
if i < start_from:
continue
if count == num:
break
seed_index = i - start_from
np.random.seed(seeds[seed_index])
target = np.random.randint(10) * torch.ones(
1, dtype=torch.long).cuda() if targeted else None
print("Attacking Source: {0} Target: {1} Seed: {2} Number {3}".format(
yi.item(), target, seeds[seed_index], i))
adv, dist = attack(xi.cuda(),
yi.cuda(),
target=target,
seed=seeds[seed_index],
query_limit=query_limit)
if dist > 1e-8 and dist != float('inf'):
count += 1
print()
net.eval()
#net = VGG_rse('VGG16', 10, 0.2,0.1, img_width=32)
#net = VGG_plain('VGG16', 10, img_width=32)
#net.cuda()
#net = torch.nn.DataParallel(net, device_ids=[0])
#load_model(net,'./defense_model/cifar10_vgg_plain.pth')
#net.eval()
#model = net.module if torch.cuda.is_available() else net
#net = CIFAR10()
#net = torch.nn.DataParallel(net, device_ids=[0])
#load_model(net, 'cifar10_gpu.pt')
#net.eval()
#net.cuda()
model = net.module if torch.cuda.is_available() else net
amodel = PytorchModel(model, bounds=[0, 1], num_classes=10)
attack = attack_list[args.attack](amodel)
#attack = CW(amodel)
#attack = FGSM(amodel)
#attack = OPT_attack(amodel)
#attack = OPT_attack_sign_SGD_lf(amodel)
#attack = OPT_genattack(amodel)
#attack = OPT_attack(amodel)
#attack = NES(amodel)
#attack = ZOO(amodel)
#attack = PGD(amodel)
#attack = OPT_attack_sign_SGD(amodel)
#train_loader, test_loader, train_dataset, test_dataset = load_mnist_data(args.test_batch_size)
#train_loader, test_loader, train_dataset, test_dataset = load_cifar10_data()
for i, (xi, yi) in enumerate(test_loader):
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""
Created on Tue Jul 24 14:32:48 2018
"""
from CW import CW
from FGSM import FGSM
from OPT_attack import OPT_attack
from ZOO import ZOO
from models import PytorchModel
import torch
from allmodels import MNIST, load_model, load_mnist_data
net = MNIST()
net.cuda()
net = torch.nn.DataParallel(net, device_ids=[0])
load_model(net, 'mnist_gpu.pt')
net.eval()
model = net.module if torch.cuda.is_available() else net
amodel = PytorchModel(model, bounds=[0, 1], num_classes=10)
attack = CW(amodel)
train_loader, test_loader, train_dataset, test_dataset = load_mnist_data()
for i, (xi, yi) in enumerate(test_loader):
xi_v = torch.autograd.Variable(xi)
res = amodel.predict(xi_v)
print(res.size())
attack(xi, yi)